<?
include "loggedin.inc.php";
require('../includes/messages.inc.php');
require('../includes/config.inc.php');
require("header.php");
require('../includes/styles.inc.php'); 

if(isset($_POST[s1]))
{
	$MyBanner = $_FILES[BannerFile][name];

	if(!empty($MyBanner))
	{
		$NewName = time()."_".$MyBanner;

		copy($_FILES[BannerFile][tmp_name], "../banners/$NewName");

		$q1 = "insert into PHPAUCTION_banners set 
							BannerFile = '$NewName',
							BannerAlt = '$_POST[BannerAlt]',
							BannerURL = '$_POST[BannerURL]' ";
		mysql_query($q1) or die(mysql_error());
	}
}

?>

<script>

function NewBanner() {

	if(document.f1.BannerFile.value=="")
	{
		alert('Select the banner file from your computer!');
		document.f1.BannerFile.focus();
		return false;
	}

	if(document.f1.BannerAlt.value=="")
	{
		alert('Enter the ALT text, please!');
		document.f1.BannerAlt.focus();
		return false;
	}

	if(document.f1.BannerURL.value=="" || document.f1.BannerURL.value.length < '11')
	{
		alert('Enter the URL, please!\n\nFormat: http://www.domain.com');
		document.f1.BannerURL.focus();
		document.f1.BannerURL.value="http://";
		return false;
	}

}

</script>

<br><br>

<form method=post name=f1 enctype="multipart/form-data" onsubmit="return NewBanner();">

  <table align=center width=300>
    <caption align=center>
    <font color=black face=verdana size=2><b>Upload a new banner</b></font> 
    </caption>
    <tr> 
      <td align=right><font size="2" face="Tahoma, Verdana, Arial, Helvetica, sans-serif">File:</font></td>
      <td><input type=file name=BannerFile></td>
    </tr>
    <tr> 
      <td align=right><font size="2" face="Tahoma, Verdana, Arial, Helvetica, sans-serif">ALT 
        text:</font></td>
      <td><input type=text name=BannerAlt size=31></td>
    </tr>
    <tr> 
      <td align=right><font size="2" face="Tahoma, Verdana, Arial, Helvetica, sans-serif">URL:</font></td>
      <td><input type=text name=BannerURL value="http://" size=31></td>
    </tr>
    <tr> 
      <td>&nbsp;</td>
      <td><input type=submit name=s1 value=Upload class="sub1"></td>
    </tr>
  </table>
  <p align="center">&nbsp;</p>
</form>

<br><br>

<?

//get the banners
$q1 = "select * from PHPAUCTION_banners";
$r1 = mysql_query($q1) or die(mysql_error());

if(mysql_num_rows($r1) == '0')
{
include("footer.php");
	exit();
}

?>

<table align=center width=500>
<caption align=center><font face=verdana size=2><b>Your banners</b></font></caption>

<?

while($a1 = mysql_fetch_array($r1))
{
	echo "<tr>\n\t<td align=center><a href=\"$a1[BannerURL]\" target=_blank><img src=\"../banners/$a1[BannerFile]\" alt=\"$a1[BannerAlt]\" border=1 style=\"border-color:black\"></a><br><a class=RedLink href=\"delete_banner.php?id=$a1[BannerID]\">delete this banner</a><br><br></td>\n</tr>\n\n";
}

?>


</table>

<?
include("footer.php");
?>